Monthly Archives: October 2014

Post navigation

The iCloud hack made the term Cloud storage a household one and led people to either (a) Google for celeb photos that were exposed, or (b) read up online on what cloud storage is all about. But many, as I mentioned in my last blog, were completely bogged down by the tech-terms being thrown around. After all articles rich in tech-heavy terms including encryption, ransomware, data-mining are not everyone’s favourite morning read. But still the cyber age demands working knowledge of all terms related to security. After all you might have a lot of data stored online or be active on social media. Maybe you also do a lot of online banking and shopping as well?

Or perhaps you have young ones at home.

In that case the parental instincts kick in and you force yourself to know as much as you can so that you can guide you children and ensure they are safe online.

As Cloud Storage is the in-thing let us start with that. What is this new type of data storage?

Cloud storage: Like we store all our earthly goods in cupboards, shelves, storage bins and bank lockers if valuable, we need a place to store all our virtual goods too. You would be surprised to know how much virtual goods we amass over years. So which is the best place to store these? We save them on the hard disk drive of your computer, pen drives, CDs and DVDS and even external HDDs. But these are physical objects that can get lost or damaged. So what’s a better option? Storing them online!

Cloud storage is when you save data online on a remote database maintained by a third party using the internet. This means your data is always available to you yet safe and you don’t have to carry around a physical storage device. You could also stream the data on other devices and share with others.

This brings us to the next question what is data encryption?

Data Encryption: This is how your data is transmitted to the remote database and kept there safely. It involves conversion of data into a secret code, called ciphertext. This would make it difficult for unauthorized people, meaning those without the requisite key, to access and understand the data. The process of reconverting the scrambled data to its original form is called decryption. This happens when you log in and enter your password.

Remember how people used the Morse code during wars to send messages? To a lay person who gets his hands on it, it would look like gibberish– Dot Dot Dash Dot…. That is data encryption. The person wanting to retrieve the data would need to have the key to convert the scrambled message into its original form. That’s decryption. Security firms are developing more and more complex encryptions but it is still possible for a computer expert to sometimes break into the system and decode it.

To make that difficult, a two-step verification system is of immense help as the hacker would require a second step, usually a code sent to the mobile, to login.

What if a hacker has low security expertise but wants to obtain your private details and Login credentials?

Social Engineering: This is a low-tech and psychology-intensive method that involves manipulation of a target to reveal private information, like by pretending to be a customer care personnel or tech-support provider. Get more info here.

Brute-Force Attack: As the name suggests this method employs less of technical skill and more of keyboard skills to deduce passwords. The hackers keep on tapping on computer keys in a defined pattern to find the correct combination of characters. They resort to this when they are unable to break through the security of an encryption system. In this method, hackers systematically check all probable passwords till they hit upon the right one.

The various methods employed to launch a brute-force attack are

Password guessing

Dictionary attack

Key guessing

Ransomware: This is a kind of ‘kidnapping’ of your data and holding it for a ransom. This is often the cause behind data hacking.

Now to put your mind at rest, let me share with you some of the measures being taken by various websites and security firms to keep hackers off your encrypted data stored online.

Complex Encryption: Web admins are working to make the encrypted data more complex so that hackers find it difficult to crack data and understand what it is that he has cracked

Password trial limitations: You will have noticed that as soon as you enter a wrong password, you are warned of the number of trials remaining. This is to ward off brute-force attacks

Time lag between successive attempts: This is a practice that is followed by several online banking services. If you log out of an account, you will not be immediately able to log in again.

CAPTCHA: This is a highly popular check employed by most websites today. You have type in the characters displayed in a box which ensures that a genuine person and not a computerized program is trying to log in.

Verification code: This is part of a two-factor authentication. Once a user signs in, a verification code is sent via cellphone. Only when the user keys in the right code can he access the account.

Account lockdown: When a user fails a certain number of login attempts, the account will automatically lock down and the user will have to contact admin to get it activated

So a strong and unique password that is stored safely and the use of a secure gadget are usually sufficient to keep your data safe online. Practice caution and ensure that an advanced, security software is running on all your internet-enabled gadgets.

Have you tried McAfee LiveSafe? This amazing security software will protect not only your device and data but also offer services like password manager, cloud storage, cross-device connectivity. Get it NOW!